Maxime/Clyde
1
0
Fork 0
forked from PGL/Clyde
Code Pull Requests Activity

added protection for inscription requests

Browse Source
This commit is contained in:
Bartha Maxime
2024-03-18 00:14:26 +01:00
parent 2fb6aef67c
commit f484fb095e
4 changed files with 50 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java
View File

@ -6,6 +6,7 @@ import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.InscriptionService; import ovh.herisson.Clyde.Services.InscriptionService;
import ovh.herisson.Clyde.Services.ProtectionService;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.RequestState; import ovh.herisson.Clyde.Tables.RequestState;
import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Role;
@ -34,13 +35,8 @@ public class InscriptionController {
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll(); Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
for (InscriptionRequest i:inscriptionRequests){ return new ResponseEntity<>(ProtectionService.requestsWithoutPasswords(inscriptionRequests), HttpStatus.OK);
toReturn.add(requestWithoutPassword(i));
}
return new ResponseEntity<>(toReturn, HttpStatus.OK);
} }
@ -55,38 +51,21 @@ public class InscriptionController {
if (foundInscriptionRequest == null) if (foundInscriptionRequest == null)
return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST); return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(requestWithoutPassword(foundInscriptionRequest), HttpStatus.OK); return new ResponseEntity<>(ProtectionService.requestWithoutPassword(foundInscriptionRequest), HttpStatus.OK);
} }
@PatchMapping("/request/register/{id}") @PatchMapping("/request/register/{id}")
public ResponseEntity<InscriptionRequest> changeRequestState(@PathVariable long id, public ResponseEntity<InscriptionRequest> changeRequestState(@PathVariable long id,
@RequestHeader("Authorization") String token, @RequestHeader("Authorization") String token,
@RequestBody RequestState requestState) @RequestBody RequestState state)
{ {
if (authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token)) if (authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
if (!inscriptionServ.modifyState(id, requestState)) if (!inscriptionServ.modifyState(id, state))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST); return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(HttpStatus.OK); return new ResponseEntity<>(HttpStatus.OK);
} }
private Map<String, Object> requestWithoutPassword(InscriptionRequest inscriptionRequest) {
Map<String, Object> toReturn = new HashMap<>();
toReturn.put("id", inscriptionRequest.getId());
toReturn.put("lastName", inscriptionRequest.getLastName());
toReturn.put("firstName", inscriptionRequest.getFirstName());
toReturn.put("address", inscriptionRequest.getAddress());
toReturn.put("email",inscriptionRequest.getEmail());
toReturn.put("birthDate", inscriptionRequest.getBirthDate());
toReturn.put("country", inscriptionRequest.getCountry());
toReturn.put("curriculum", inscriptionRequest.getCurriculumId());
toReturn.put("state", inscriptionRequest.getState());
toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
return toReturn;
}
} }

9
backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java
View File

@ -7,8 +7,10 @@ import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.ProtectionService;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.InscriptionRequest;
import java.util.Date; import java.util.Date;
import java.util.Map;
@RestController @RestController
@CrossOrigin(originPatterns = "*", allowCredentials = "true") @CrossOrigin(originPatterns = "*", allowCredentials = "true")
@ -45,7 +47,10 @@ public class LoginController {
} }
@PostMapping("/register") @PostMapping("/register")
public ResponseEntity<InscriptionRequest> register(@RequestBody InscriptionRequest inscriptionRequest){ public ResponseEntity<Map<String,Object>> register(@RequestBody InscriptionRequest inscriptionRequest){
return new ResponseEntity<>(authServ.register(inscriptionRequest), HttpStatus.CREATED);
InscriptionRequest returnedInscriptionRequest = authServ.register(inscriptionRequest);
return new ResponseEntity<>(ProtectionService.requestWithoutPassword(returnedInscriptionRequest), HttpStatus.CREATED);
} }
} }

9
backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
View File

@ -121,4 +121,13 @@ public class UserController {
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(students), HttpStatus.OK); return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(students), HttpStatus.OK);
} }
@DeleteMapping("/user/{id}")
public ResponseEntity<String> deleteStudent(@RequestHeader("Authorization") String token, @PathVariable Long id){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
userService.delete(userService.getUserById(id));
return new ResponseEntity<>(HttpStatus.OK);
}
} }

29
backend/src/main/java/ovh/herisson/Clyde/Services/ProtectionService.java
View File

@ -1,10 +1,12 @@
package ovh.herisson.Clyde.Services; package ovh.herisson.Clyde.Services;
import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map;
public class ProtectionService { public class ProtectionService {
@ -61,5 +63,32 @@ public class ProtectionService {
} }
public static Map<String, Object> requestWithoutPassword(InscriptionRequest inscriptionRequest) {
Map<String, Object> toReturn = new HashMap<>();
toReturn.put("id", inscriptionRequest.getId());
toReturn.put("lastName", inscriptionRequest.getLastName());
toReturn.put("firstName", inscriptionRequest.getFirstName());
toReturn.put("address", inscriptionRequest.getAddress());
toReturn.put("email",inscriptionRequest.getEmail());
toReturn.put("birthDate", inscriptionRequest.getBirthDate());
toReturn.put("country", inscriptionRequest.getCountry());
toReturn.put("curriculum", inscriptionRequest.getCurriculumId());
toReturn.put("state", inscriptionRequest.getState());
toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
return toReturn;
}
public static Iterable<Map<String ,Object>> requestsWithoutPasswords(Iterable<InscriptionRequest> inscriptionRequests){
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
for (InscriptionRequest i:inscriptionRequests){
toReturn.add(requestWithoutPassword(i));
}
return toReturn;
}
} }